Buffer overflow in Measuresoft Scadapro

CVE-2011-3490

Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrate…

Vulnerability class: Buffer Overflow

EPSS: 0.406 (97.4th percentile) — read the EPSS interpretation.

Affected products

Measuresoft Scadapro — versions 2.1, 2.2, 2.3
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

8382 (x_refsource_SREASON, third-party-advisory)
17848 (Exploit, exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (US Government Resource, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)